IPv6 Server: Internet super daemon (xinetd)

From OnnoWiki
Jump to navigation Jump to search

IPv6 is supported since xinetd version around 1.8.9. Always use newest available version. At least version 2.3.3 must be used, older versions can contain remote exploitable security holes.

Some Linux distribution contain an extra package for the IPv6 enabled xinetd, some others start the IPv6-enabled xinetd if following variable is set: NETWORKING_IPV6="yes", mostly done by /etc/sysconfig/network (only valid for Red Hat like distributions). In newer releases, one binary supports IPv4 and IPv6.

If you enable a built-in service like e.g. daytime by modifying the configuration file in /etc/xinetd.d/daytime like

# diff -u /etc/xinetd.d/daytime.orig /etc/xinetd.d/daytime 
--- /etc/xinetd.d/daytime.orig Sun Dec 16 19:00:14 2001 
+++ /etc/xinetd.d/daytime Sun Dec 16 19:00:22 2001 
@@ -10,5 +10,5 @@ 
        protocol = tcp 
        user = root 
        wait = no 
-       disable = yes 
+       disable = no 
 }

After restarting the xinetd you should get a positive result like:

# netstat -lnptu -A inet6 |grep "xinetd*" 
tcp 0 0 ::ffff:192.168.1.1:993  :::*  LISTEN  12345/xinetd-ipv6 
tcp 0 0 :::13                   :::*  LISTEN  12345/xinetd-ipv6 <- service daytime/tcp
tcp 0 0 ::ffff:192.168.1.1:143  :::*  LISTEN  12345/xinetd-ipv6

Shown example also displays an IMAP and IMAP-SSL IPv4-only listening xinetd.

Note: earlier versions had a problem that an IPv4-only xinetd won't start on an IPv6-enabled node and also the IPv6-enabled xinetd won't start on an IPv4-only node. This is known to be fixed in later versions, at least version 2.3.11.